Twitch’s entire source code, as well as user payout information, is said to have been released by an unnamed hacker.
The breach was intended to “promote further disruption and competition in the online video streaming industry” because “their community is a horrible toxic cesspool,” according to the user, who posted a 125GB torrent link to 4chan on Wednesday. Twitch is aware of the hack internally, according to the source, and the data was likely stolen as recently as Monday.
We can confirm a breach has taken place. Our teams are working with urgency to understand the extent of this. We will update the community as soon as additional information is available. Thank you for bearing with us.
— Twitch (@Twitch) October 6, 2021
According to reports, the leaked Twitch data includes:
- The entirety of Twitch’s source code with commit history “going back to its early beginnings”
- Creator payout reports from 2019
- Mobile, desktop and console Twitch clients
- Proprietary SDKs and internal AWS services used by Twitch
- “Every other property that Twitch owns” including IGDB and CurseForge
- An unreleased Steam competitor, codenamed Vapor, from Amazon Game Studios
- Twitch internal ‘red teaming’ tools (designed to improve security by having staff pretend to be hackers)
If you have a Twitch account, you should enable two-factor authentication, which assures that even if your password is compromised, you will need to authenticate your identity using SMS or an authenticator app on your phone.
Part one of the leak has been labeled, implying that there may be more to come. While personal information such as creator payments is included, it does not appear that passwords, addresses, or email accounts of Twitch’s users are included in this initial disclosure. Instead than publishing code that would contain personal accounts, the leaker appears to have focused on sharing Twitch’s own corporation tools and information.
However, it’s unclear how much data has been accessed. Twitch’s saying that it’s attempting to figure out what caused the security compromise, and some customers have been prompted to reset their passwords. If you haven’t already done so, we recommend changing your password and using two-factor authentication until we learn more about the scope of the hack.
Here's a more comprehensive list of leaked Twitch payouts (I will keep updating this thread as more things come out). pic.twitter.com/15JItvp6l4
— KnowSomething (@KnowS0mething) October 6, 2021
In any case, this leak will be bad for the game streaming site, especially for producers who rely on Twitch to keep their profits and personal information safe. The attack comes after weeks of protests demanding that Twitch improve its service as part of the #DoBetterTwitch initiative. In August, Twitch’s streamers took a day off to protest the company’s lack of action against hate raids.
Please check out the following website for further news articles:
